5218 matches found
Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
A vulnerability in the IP Version 6 (IPv6) packet processing functions of multiple Cisco products could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. The vulnerability is due to...
Cisco UCS Invicta Software Default GPG Key Vulnerability
A vulnerability in Cisco UCS Invicta Software could allow an unauthenticated, remote attacker to access some encrypted information, if the attacker can intercept communication between an affected system and a Cisco UCS Invicta Autosupport server. The vulnerability is due to the presence of a...
Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability
A vulnerability in the application programming interface (API) web interface of the Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, remote attacker to perform privilege escalation on the affected device. The attacker can escalate privileges to...
Cisco IOS XR Software LPTS Denial of Service Vulnerability
A vulnerability in the Local Packet Transport Services (LPTS) network stack of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a limited denial of service (DoS) condition on an affected platform. The vulnerability is due to improper handling of flow base entries by LPTS...
Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
A vulnerability in the cached file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance due to the appliance running out of system memory. The vulnerability is d...
Cisco Web Security Appliance Connection Denial of Service Vulnerability
A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory. The...
Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability
A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process becoming unresponsive. The vulnerability is due to a lack o...
Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the proxy process unexpectedly restarts. The vulnerability occurs because the affected software does no...
Cisco Unified Computing System Central Cross-Site Scripting Vulnerability
A vulnerability in the HTTP web-based management interface of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. The vulnerability is due to...
Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability
A vulnerability in the IPsec code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service (DoS) condition. The vulnerability is d...
Cisco Identity Services Engine Active Directory Integration Component Remote Denial of Service Vulnerability
A vulnerability in the Active Directory integration component of Cisco Identity Service Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service attack. The vulnerability is due to improper handling of password authentication protocol (PAP) authentication requests...
Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability
A vulnerability in XML parser code of Cisco Adaptive Security Appliance Software could allow an authenticated, remote attacker to cause system instability or a reload of the affected system. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could...
Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability
A vulnerability in the Session Initiation Protocol (SIP) implementation of the Cisco Video Communications Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a malformed SIP header message. An attacker could exploit this...
Cisco Industrial Ethernet 4000 and Ethernet 5000 Series Switches ICMP IPv4 Packet Corruption Vulnerability
A vulnerability in the packet processing microcode of Cisco Industrial Ethernet 4000 Series Switches and Cisco Industrial Ethernet 5000 Series Switches could allow an unauthenticated, remote attacker to corrupt packets enqueued on the device for further processing. The vulnerability is due to...
Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability
A vulnerability in the web framework of Cisco Cloud Network Automation Provisioner (CNAP) could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to a failure to validate user-supplied input in SQL...
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection...
Cisco Finesse HTTP Request Processing Server-Side Request Forgery Vulnerability
A vulnerability in the web interface of Cisco Finesse could allow an unauthenticated, remote attacker to trigger the Finesse server to perform an HTTP request to an arbitrary host. This type of attack is commonly referred to as server-side request forgery (SSRF). The vulnerability is due to...
Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability
A vulnerability in the kernel logging configuration for Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of...
Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability
A vulnerability in the XML application programming interface (API) of Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to bypass authentication and access a targeted system through the API. The vulnerability is due to improper...
Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability
A vulnerability in the packet processing functions of Cisco FirePOWER System Software could allow an unauthenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper packet...
Cisco Prime Collaboration Assurance Open Redirect Vulnerability
A vulnerability in the web interface of Cisco Prime Collaboration Assurance Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of HTTP request parameters by the affected software. An attacker...
Cisco Information Server XML Parser Denial of Service Vulnerability
A vulnerability in the default configuration of the XML parser component of Cisco Information Server (CIS) could allow an unauthenticated, remote attacker to access sensitive data or cause excessive consumption of system resources, which could cause a denial of service (DoS) condition on a targeted...
Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016
Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised ...
Cisco Application Policy Infrastructure Controller Enterprise Module Unauthorized Access Vulnerability
A vulnerability in the application programming interface (API) of Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to create false system notifications for administrators. The vulnerability is due to insufficient protection...
Cisco WebEx Meetings Server Open Redirect Vulnerability
A vulnerability in the Cisco WebEx Meetings Server (CWMS) web interface could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this...
Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability
A vulnerability in the HTTP URL redirect feature of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling ...
Multiple Cisco Products libSRTP Denial of Service Vulnerability
Cisco released version 1.5.3 of the Secure Real-Time Transport Protocol (SRTP) library (libSRTP), which addresses a denial of service (DoS) vulnerability. Multiple Cisco products incorporate a vulnerable version of the libSRTP library. The vulnerability is in the encryption processing subsystem of...
Cisco Wireless LAN Controller Denial of Service Vulnerability
A vulnerability in the Bonjour task manager of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Bonjour traffic by the affected software. An...
Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability
A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. An attacker could exploit this vulnerability ...
Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability
A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the...
Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability
A vulnerability in the ntp subsystem of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to mobilize ntp associations. The vulnerability is due to missing authorization checks on certain ntp packets. An attacker could exploit this vulnerability by ingressing...
Cisco Unified Computing System Platform Emulator Command Injection Vulnerability
A vulnerability in the Cisco Unified Computing System (UCS) Platform Emulator could allow an authenticated, local attacker to perform a command injection attack. The vulnerability occurs because the affected system improperly handles ucspe-copy command-line arguments. An attacker could exploit this...
Cisco Unified Computing System Platform Emulator Filename Argument Handling Buffer Overflow Vulnerability
A vulnerability in Cisco Unified Computing System (UCS) Platform Emulator could allow an authenticated, local attacker to trigger a heap-based buffer overflow on a targeted system. The vulnerability occurs because the affected system improperly handles libclimeta.so filename arguments. An attacker...
Cisco Catalyst Switches Network Mobility Services Protocol Port Information Disclosure Vulnerability
Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.22E1 may allow an unauthenticated, remote attacker to retrieve version information about the software release running on the device by accessing the Network Mobility Services Protocol (NMSP) port. The vulnerability is due to a...
Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability
A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system. The vulnerability is due to improper input validation by the affected software. An attacker could exploit...
Cisco Unity Connection Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of certain parameters...
Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers Interface Flap Vulnerability
A vulnerability in packet processing functions of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause cyclic redundancy check (CRC) and symbol errors on the receiving interface of an affected device, which may...
Cisco IP Interoperability and Collaboration System Cross-Site Scripting Vulnerability
A vulnerability in the web framework code of Cisco IP Interoperability and Collaboration System could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to insufficient XSS protections. An attacker could exploit this vulnerability by...
Cisco UCS Invicta Default SSH Key Vulnerability
A vulnerability in the implementation of intra-process communication for Cisco UCS Invicta Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH private key that is...
Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability
A vulnerability in the web application programming interface (API) of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to gain elevated privileges. The vulnerability is due to improper role-based access control (RBAC) when an...
Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability
A vulnerability in Cisco TelePresence Server devices running software versions 3.0 through 4.24.18 could allow an unauthenticated, remote attacker to cause a kernel panic on the device. The vulnerability exists due to a failure to properly handle a specially crafted stream of IPv6 packets. A...
Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of HTTP user-supplied input...
Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability
A vulnerability in Cisco TelePresence Server devices running software versions 4.12.29 through 4.24.17 could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker...
Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability
A vulnerability in Cisco TelePresence Server devices running software version 3.1 could allow an unauthenticated, remote attacker to reload the device. The vulnerability exists due to a failure to properly process malformed Session Traversal Utilities for NAT (STUN) packets. An attacker could explo...
Cisco Firepower Malware Block Bypass Vulnerability
A vulnerability in the malicious file detection and blocking features of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to improper input validation of fields in HTTP headers. A...
Cisco Unified Communications Domain Manager Cross-Site Scripting Vulnerability
A vulnerability in the Cisco Unified Communications Domain Manager (Unified CDM) could allow an authenticated, remote attacker to execute a cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability...
Cisco IOS XR Software SCP and SFTP Modules Denial of Service Vulnerability
A vulnerability in the Secure Copy Protocol (SCP) and Secure FTP (SFTP) modules of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite system files and cause a denial of service (DoS) condition. The vulnerability is due to improper setting of permissions on the filesystem f...
Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability
A vulnerability in the Session Initiation Protocol (SIP) gateway implementation in Cisco IOS, IOS XE, and Cisco Unified Communications Manager Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of an affected device. The vulnerability is due to...
Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability
A vulnerability in the Wide Area Application Services (WAAS) Express feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of TCP segments. An attacker could exploit this vulnerability...
Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability
A vulnerability in the DHCP version 6 (DHCPv6) relay feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 relay messages. An attacker could exploit this...